If you want to gross yourself out, google images of teeth without regular dental hygiene. Most of us would never dream of failing to brush our teeth, even if we sometimes get a little lax about flossing. Cyber “hygiene” works similarly: if you fail to perform adequate cyber security monitoring and routine cleaning, you can find yourself with some serious cyber cavities. Unfortunately, you might not have a visual for the damage that accumulates in a system by failing to perform routine hygiene.
It’s easy to see yucky teeth, much harder to “see” the tartar building up within your connected devices, leading to a bad case of cyber gingivitis. Yet the solutions, for the most part, can be very simple. Here’s what you need to know about regular cyber brushing.
Basic Cyber “Hygiene”
How badly can a failure to perform cyber hygiene go? In the past many months this question has played out on a global scale, where super viruses like WannaCry, Petya, and NotPetya, wormed their way through systems in multiple countries and many industries. Damage estimates continue to rise as new data comes rolling in, and are already estimated at more than $4 billion for the WannaCry virus alone.
That’s a hefty cyber dental bill for cyber attacks that were completely preventable. How preventable? Sure, these were NSA-grade exploits that may have had international state-sponsored threat actors behind them, but the vulnerabilities exploited by these cyber attacks depended upon outdated software. Patches had already been issued. But without cyber “hygiene,” companies and industries that felt the cyber hit had not performed the necessary actions to be patched against these exploits.
NotPetya had the capability to spread to devices that had been patched but still gained admission to infect through outdated devices. The solution to these and other cyber security weaknesses is continuous monitoring.
Benefits of Continuous Monitoring
Common weaknesses that could be addressed with some basic cyber security monitoring include:
- Updating systems as soon as updates are released, thereby preventing the majority of large-scale attacks.
- Upgrading legacy hardware with protected systems or cloud services, which often are much cheaper to maintain anyway.
- Identifying IoT (internet of things) and smartphone access vulnerabilities and granting such devices similar protections that are standard on other equipment.
- Safer peer-to-peer application usage, a common area of weakness in many organizations.
- Stopping intent-based security approaches that exploit the automation of most companies.
- Recognizing sketchy apps, replicated code, and other IT shortcuts that unintentionally expose a company’s internal security solutions to existing vulnerabilities.
- Following up on smaller attacks that most companies fail to spot, and yet can be the result of a system mapping or targeted attack.
The irony of these sorts of vulnerabilities is that we walk around with smartphones in hand, and yet utilize outdated and outmoded equipment and updates to protect such modern devices. Accessibility is advancing faster than security, in companies and businesses of every size and across every industry.
Reactive cyber security fixes work, but they cost more. It’s like the difference between tooth repair or replacement after major damage has already taken place: maintenance beforehand is both cheaper and easier. Proactive continuous cyber security monitoring is the way to get preemptive about security.
Today’s platforms recognize and understand the vulnerabilities and exploits that cyber threat actors utilize: whether they specifically target your company or you get washed in with the tide of a global threat. Combined with industry-specific insight, targeted and continuous cyber security monitoring is as efficient as it is effective. Cyber “hygiene” may take a little brushing every day, but the rewards are tremendous.